Before we get to news around the web, a couple of updates here on The Nexus of Privacy:
- Last week's post on #StopShotSpotter now has updates about Detroit, Cleveland, and Dayton – which decided not to renew its ShotSpotter contract!
- Yesterday's White House Releases a “Blueprint for an AI Bill of Rights” now has an updated section on how it might (or might not) lead to regulation of AI use in industry
Danielle Keats Citron on WIRED (wired.com)
In a story adepted from Professor Citron's new book The Fight for Privacy: Protecting Dignity, Identity, and Love in the Digital Age, she pushes back on the framing that privacy is just consumer protection issue. Instead she looks at how it’s inextricably linked to equality, with urgent implications for women and minorities.
To combat invasions of intimate privacy, we first need to recognize intimate privacy as a moral and legal right. Everyone deserves intimate privacy to create a life of meaning, respect, and love and to feel that they belong as citizens. In making this a civil right, lawmakers would show their appreciation of intimate privacy’s significance for individuals, groups, and society.
In the United States, the recognition of a civil right has legal significance and moral resonance. Our civil rights tradition secures strong protections for crucial rights. Lawmakers can insist upon robust duties to protect intimate privacy and to remedy its violation. The recognition of a civil right to intimate privacy is urgent for women and minorities who suffer discrimination due to attitudes stigmatizing their bodies and intimate lives. Although modern civil rights laws are principally antidiscrimination laws, that should not be their sum total. A civil right to intimate privacy must combat invidious discrimination and secure basic entitlements for all.
Law professor Danielle Citron: ‘Privacy is essential to human flourishing’, an interview by Laurie Clark in The Guardian, and Professor Danielle Citron’s New Book Argues Intimate Privacy Is a Human Right on Univesity of Virgnia's site, are good companion reads.
BUY THE BOOK!
The Fight for Privacy is available
from publisher W.W. Norton
or via Amazon
Ari Ezra Waldman on California Law Review (californialawreview.org)
Professor Waldman (author of the outstanding Industry Unbound: The Inside Story of Privacy, Data, and Corporate Power) argues that rather than being influenced by the EU's GDPR or a Californias CCPA, recent privacy laws are creations of industry. That's certainly the case for laws like Virgnia's, which was based on the Bad Washington Privacy Act, and is widely described as written by Amazon and Microsoft. As Waldman says on Twitter, "The law has been endogenously created by industry practices that legitimize data extraction."
From the abstract
Privacy law is at a crossroads. In the last three years, U.S. policymakers have introduced more than fifty proposals for comprehensive privacy legislation, most of which look roughly the same: they all combine a series of individual rights with internal compliance. The conventional wisdom sees these proposals as groundbreaking progress in privacy law and explains their uniformity by looking to catalyzing precedent like the General Data Protection Regulation in Europe or the California Consumer Privacy Act.
This Article challenges that emerging consensus. Relying on contemporary sociological and critical studies scholarship, this Article analyzes recent privacy proposals in the United States through their social practices and argues that those practices are drawing boundaries that set the terms of privacy law from the ground up. In other words, privacy law’s practices are descriptively and normatively performative: they have socially constructed what we think privacy law is and should be. We have not only become accustomed to conceptualizing privacy law in certain ways; we have come to see a model of individual rights and internal procedural compliance as the normal, ordinary, commonsense modality of privacy law. So constructed, privacy law is flawed, with substantial negative effects for individuals, society, equality, and justice.
Waldman's 2021 How Big Tech Turns Privacy Laws Into Privacy Theater on Slate and A Provocative Critique of Privacy Law (an interview by Daniel Solove on Tech Privacy) are good introductions to his work.
BUY THE BOOK!
Industry Unbound is available
from publisher Cambridge University Press
or via Amazon
Automated License Plate Readers Threaten Abortion Access. Here’s How Policymakers Can Mitigate the Risk
Dave Maass on Electronic Frontier Foundation (eff.org)
Automated license plate readers (ALPRs) are camera systems that capture license plate numbers and upload the information – including times, dates, locations – to databases. If that sounds like mass surveillance to you ... you're right! But as EFF points out
Now, in the wake of the U.S. Supreme Court's Dobbs ruling, that technology may soon be turned against people seeking abortions, the people who support them, and the workers who provide reproductive healthcare.
Aaron Gordon on VICE Motherboard (vice.com(
Michael Fox, a superintendent for a small New Jersey school district in Bergan County, sent dozens of sales pitches and coordinated closely with Verkada sales reps to hawk smart security cameras. Another county employee, who works at the county's Office of the Inspector General and is also a a security consultant for third party resellers of security products, was also copied on the mails. Bergen County employees are allowed to have outside employment as long as it does not conflict with county contracts or county activities – and Verkada sells through third-party resellers, so it's not technically a conflict.
Jason Kelley on Electronic Frontier Foundation (eff.org)
SAN FRANCISCO—The Federal Trade Commission must review the lack of privacy and security protections among daycare and early education apps, the Electronic Frontier Foundation (EFF) urged Wednesday in a letter to Chair Lina Khan. EFF Director of Engineering Alexis Hancock’s recent investigation found early education and daycare apps have several troubling security risks. Some allow public access to children’s photos via insecure cloud storage; many have dangerously weak password policies; at least one (Tadpoles for Parents) sends “event” data, including when the app is activated and deactivated, to Facebook; and several enable cleartext traffic that can be exploited by network eavesdroppers.
Schuyler Mitchell on The Intercept (theintercept.com)
Cubic Corporation does transit projects like New York City’s OMNY, but also cleans up on government surveillance and security contracts.
Mallory Knodel, Ryan Polk, and Sheetal Kumar on context.news
Governments worldwide are attacking encryption, infringing on the right to privacy and undermining their stated aim of making the internet safer for all
on Data & Society (datasociety.net)
Data & Society board unanimously appointed Dr. Charlton McIlwain as the new president of the board of directors. McIlwain has served on the board since February 2021. D&S founder danah boyd has stepped down as president and has decided not to renew her board term when it ends March 1, 2023.
David Ingram on NBC News (nbcnews.com)
The court is poised to hear as many as three cases this term about the legal protections that social media companies have used to become industry behemoths.
on NYTimes (nytimes.com)
More than 80 percent of all travelers entering the U.S. are now verified by facial recognition. The loss of older, seemingly more convenient methods has many perplexed. And then there are the privacy issues.
Natasha Lomas on TechCrunch (techcrunch.com)
The UK government has paused a data reform bill while ministers take a fresh look at how to replace the EU GDPR.
on Brave Browser (brave.com)
Recent versions of Brave on iOS include many new privacy features, ensuring that Brave iOS users have the strongest available protections of any iOS browser.
CPDP is an annual three-day conference devoted to privacy and data protection. The 16th edition of CPDP will be held on 24-26 May 2023 in Brussels. This call for panels is aimed at academic consortia, research projects, think tanks and other research organisations.
Jessica Lyons Hardcastle on The Register (theregister.com)
Phrasing, Arizona... AG claims deal is ‘historic’
VB Staff on VentureBeat (venturebeat.com)
The most popular mobile apps all store basic user information, and 60% store information from private conversations.
Future of Privacy Forum (fpf.org)
Women@ Privacy Awards FPF is honored to host W@Privacy for its first edition of the W@Privacy Awards! As part of W@Privacy’s mission to enhance the visibility and empowerment of women privacy professionals, they’ll recognize and celebrate outstanding women in the privacy field from various categorie…
Demographic-Reliant Algorithmic Fairness: Characterizing the Risks of Demographic Data Collection in the Pursuit of Fairness
McKane Andrus on arXiv.org (arxiv.org)
Most proposed algorithmic fairness techniques require access to data on a “sensitive attribute” or “protected category” (such as race, ethnicity, gender, or sexuality) in order to make performance comparisons and standardizations across groups, however this data is largely unavailable in practice, h…
Amazon’s Ring announces plan to use a robot for security patrols alongside new home security devices
Sarah Perez on TechCrunch (techcrunch.com)
Amazon unveiled a refresh of its Ring lineup including new cameras, alarms and more.
Daniel Konstantinovic on Insider Intelligence (insiderintelligence.com)
Privacy standards are changing under advertisers’ feet: Lawsuits from private citizens and the federal government show that a digital advertising reckoning is under way.
Privacy activists are decrying a couple who use TikTok to show how they track people who rented their cars on the car-sharing app Turo.
Paul Karp on The Guardian (theguardian.com)
Mark Dreyfus indicates potential reforms to laws regarding data breaches including higher penalties, mandatory precautions and customer notifications
BARBARA ORTUTAY on Associated Press (apnews.com)
With roosters crowing in the background as he speaks from the crowded refugee camp in Bangladesh that’s been his home since 2017, Maung Sawyeddollah, 21, describes what happened when violent hate speech and disinformation targeting the Rohingya minority in Myanmar began to spread on Facebook.
Jessica Davis on SC Media (scmagazine.com)
A GAO audit of the Medicaid telehealth program found that more oversight is needed of how providers are communicating the privacy and security risks to patients.
Indonesia Data Protection Law Includes Potential Prison Time, Asset Seizure, Right to Compensation for Data Breaches
Scott Ikeda on CPO Magazine (cpomagazine.com)
An Indonesia data protection law that has been in development since 2016 includes some of the harshest penalties yet seen in national data privacy regulations, along with a right to compensation for data breaches.
Kim Key on PCMag (pcmag.com)
Gaming companies monitor all your in-game activities, which means they know more about you than you might want. Follow these tips to limit your online data sharing.